Download TheHarvester – Email Address, Usernames, Hostnames Harvester and Collector

Download free TheHarverster latest version here. TheHarvester is a tool used for gathering and collecting e-mail address accounts, subdomain names, usernames, employee names, and or hostnames from different public sources like search engines such as Google, or Bing. If you are looking for a way to harvest or collect email address then this tool will be a great help for you. Pretty useful tool for penetration testing, as you can use it to gather information.

Download TheHarvester here (latest version)

theHarvester - email address harvester

The Harvester Supported Sources:

Google: google search engine – www.google.com
Google-profiles: google search engine, specific search for Google profiles
Bing: microsoft search engine – www.bing.com
Bingapi: microsoft search engine, through the API (you need to add your Key in the discovery/bingsearch.py file)
PGP: pgp key server – pgp.rediris.es
Exalead: Exalead search engine – www.exalead.com
Linkedin: google search engine, specific search for Linkedin users

Some examples on how to use it to gather email address accounts and user names:

Here are some useful scenarios that can be used for penetration testing.

Searching email accounts for the domain facebook.com, work with first 500 google results:

./theharvester.py -d facebook.com -l 500 -b google

Searching for email accounts for domain facebook.com in a PGP server, no need to specify limit here:

./theharvester.py -d facebook.com -b pgp

Searching for user names that works in Facebook company using Google as search engine and searching for specific LinkedIn users, in here we need to specify the limit of results that we want to use:

./theharvester.py -d facebook.com -l 200 -b linkedin

Searching in all of the sources at the same time, setting a limit of 200 results:

./theharvester.py -d microsoft.com-l 200 -b all

TheHarvester Changelog in 2.0:

  • Complete rewrite, more modular and easier to maintain
  • New sources added (Exalead, Google-Profiles, Bing-Api)
  • Setting time delay between request, to prevent search engines from blocking our IP´s
  • You can start the actual search from the results page that you want, hence you can *resume* a search
  • Lets you export to xml
  • All search engines harvesting and collecting